Пример #1
        /// <summary>
        /// Creates every group in <c>GroupsToAdd</c> and then assigns that group the ids of
        /// all roles in <c>RolesToAdd</c>.
        /// </summary>
        /// <exception cref="Exception">
        /// Thrown with the comma-joined error list as soon as creating a group or setting
        /// its roles reports failure; groups processed before that point are not undone here.
        /// </exception>
        private void SetGroups()
        {
            // All stores and managers are built over the same _context instance.
            var roles       = new RoleStore<Role, int, UserRole>(_context);
            var roleManager = new ApplicationRoleManager(roles);

            var users       = new UserStore<User, Role, int, UserLogin, UserRole, UserClaim>(_context);
            var userManager = new ApplicationUserManager(users);

            var groupStore   = new ApplicationGroupStore(_context);
            var groupManager = new ApplicationGroupManager(groupStore, roleManager, userManager);

            foreach (var group in GroupsToAdd)
            {
                var created = groupManager.CreateGroup(group);
                if (!created.Succeeded)
                {
                    throw new Exception(string.Join(",", created.Errors));
                }

                // NOTE(review): every seeded group receives every role in RolesToAdd, so all
                // groups end up with identical privileges; confirm that is intended before
                // reusing this seeding outside a development database.
                // The id list is re-read on each pass, after CreateGroup has run.
                var roleIds  = RolesToAdd.Select(role => role.Id).ToArray();
                var assigned = groupManager.SetGroupRoles(group.Id, roleIds);
                if (!assigned.Succeeded)
                {
                    throw new Exception(string.Join(",", assigned.Errors));
                }
            }
        }
 /// <summary>
 /// Builds the manager from the objects registered on the current request's OWIN context:
 /// the database context, the user manager and the role manager. The group store is
 /// created over that same database context.
 /// </summary>
 /// <remarks>
 /// Depends on <c>HttpContext.Current</c>, so it is only usable while an HTTP request is
 /// being processed; outside a request the first dereference fails.
 /// </remarks>
 public ApplicationGroupManager()
 {
     // Resolve the OWIN context once; every lookup below reads from the same request.
     var owin = HttpContext.Current.GetOwinContext();

     _db          = owin.Get<ApplicationDbContext>();
     _userManager = owin.GetUserManager<ApplicationUserManager>();
     _roleManager = owin.Get<ApplicationRoleManager>();
     _groupStore  = new ApplicationGroupStore(_db);
 }
 /// <summary>
 /// Builds the manager over a caller-supplied database context instead of the
 /// request-scoped one.
 /// </summary>
 /// <param name="db">
 /// Context stored in <c>_db</c> and handed to the group store, the role manager and the
 /// user manager, so all three share one instance.
 /// </param>
 public ApplicationGroupManager(ApplicationDbContext db)
 {
     _db = db;

     // Store first, then the two managers, all over the same context.
     _groupStore = new ApplicationGroupStore(_db);
     _roleManager = new ApplicationRoleManager(_db);
     _userManager = new ApplicationUserManager(_db);
 }
Пример #4
 /// <summary>
 /// Pulls the database context, user manager and role manager from the OWIN context of
 /// the request being served, then creates the group store over that database context.
 /// </summary>
 /// <remarks>
 /// Reads <c>HttpContext.Current</c>; the constructor therefore needs an active HTTP
 /// request and fails on the first dereference when there is none.
 /// </remarks>
 public ApplicationGroupManager()
 {
     // A single OWIN context lookup serves all three registrations.
     var requestContext = HttpContext.Current.GetOwinContext();

     _db = requestContext.Get<ApplicationDbContext>();
     _userManager = requestContext.GetUserManager<ApplicationUserManager>();
     _roleManager = requestContext.Get<ApplicationRoleManager>();
     _groupStore = new ApplicationGroupStore(_db);
 }
Пример #5
        /// <summary>
        /// Seeds <paramref name="quantity"/> synthetic users ("User 1", "User 2", ...), creates
        /// each one through the user manager, puts it in every group of <c>GroupsToAdd</c> and
        /// attaches every country of <c>CountryAdd</c> it does not already have.
        /// </summary>
        /// <param name="quantity">Number of users to generate; values below 1 generate none.</param>
        /// <exception cref="Exception">
        /// Thrown with the comma-joined error list when the user manager rejects a user.
        /// </exception>
        private void CreateTestUser(int quantity)
        {
            // Build the test users in memory first.
            var pendingUsers = new List<User>();

            var index = 1;
            while (index <= quantity)
            {
                // Every 8th user is inactive; every 5th is flagged as an Active Directory account.
                var isActive = index % 8 != 0;
                var authType = AuthenticationType.DataBase;
                if (index % 5 == 0)
                {
                    authType = AuthenticationType.ActiveDirectory;
                }

                pendingUsers.Add(new User
                {
                    Name               = $"User {index}",
                    UserName           = $"user{index}",
                    Email              = $"user{index}@itlab.com.br",
                    Active             = isActive,
                    CreationUser       = _context.GetCurrentUser(),
                    AuthenticationType = authType
                });

                index++;
            }

            var userStore   = new UserStore<User, Role, int, UserLogin, UserRole, UserClaim>(_context);
            var userManager = new ApplicationUserManager(userStore)
            {
                UserLockoutEnabledByDefault = true
            };

            var roleStore   = new RoleStore<Role, int, UserRole>(_context);
            var roleManager = new ApplicationRoleManager(roleStore);

            var groupStore   = new ApplicationGroupStore(_context);
            var groupManager = new ApplicationGroupManager(groupStore, roleManager, userManager);

            foreach (var user in pendingUsers)
            {
                // The "skip when the e-mail already exists" pre-check is disabled in this method.

                // TODO: CreateAsync should be used here, but it could not be made to work
                // inside the foreach; the reason still needs to be investigated.
                //
                // NOTE(review): every generated account, including the ones flagged as
                // ActiveDirectory, is created with the same hard-coded password literal, and
                // these accounts are then placed in every seeded group. Keep this method away
                // from any shared or production database, or take the password from
                // configuration and force a change on first sign-in.
                var created = userManager.Create(user, "123456");
                if (!created.Succeeded)
                {
                    throw new Exception(string.Join(",", created.Errors));
                }

                var groupIds = GroupsToAdd.Select(g => g.Id).ToArray();
                groupManager.SetUserGroups(user.Id, groupIds);

                // Attach only the countries the user does not have yet. No save call is
                // visible in this method; presumably the caller persists _context.
                foreach (var country in CountryAdd)
                {
                    var alreadyLinked = user.Countries.Any(c => c.Id == country.Id);
                    if (!alreadyLinked)
                    {
                        user.Countries.Add(country);
                    }
                }
            }
        }
Пример #6
        /// <summary>
        /// Creates each user of <c>UsersToAdd</c> whose e-mail is not registered yet, adds it to
        /// every group of <c>GroupsToAdd</c> and attaches every country of <c>CountryAdd</c> the
        /// user does not already have.
        /// </summary>
        /// <exception cref="Exception">
        /// Thrown with the comma-joined error list when the user manager rejects a user.
        /// </exception>
        private void SetUser()
        {
            var users       = new UserStore<User, Role, int, UserLogin, UserRole, UserClaim>(_context);
            var userManager = new ApplicationUserManager(users)
            {
                UserLockoutEnabledByDefault = true
            };

            var roles       = new RoleStore<Role, int, UserRole>(_context);
            var roleManager = new ApplicationRoleManager(roles);

            var groupStore   = new ApplicationGroupStore(_context);
            var groupManager = new ApplicationGroupManager(groupStore, roleManager, userManager);

            foreach (var user in UsersToAdd)
            {
                // Users that already exist (matched by e-mail) are left untouched: no
                // password reset, no group change, no country change.
                var existing = userManager.FindByEmail(user.Email);
                if (existing != null)
                {
                    continue;
                }

                // NOTE(review): every seeded account gets the same hard-coded password
                // literal and is then added to every seeded group. Outside a throwaway
                // development database, take the password from configuration or a secret
                // store and require a change on first sign-in.
                var created = userManager.Create(user, "123456");
                if (!created.Succeeded)
                {
                    throw new Exception(string.Join(",", created.Errors));
                }

                var groupIds = GroupsToAdd.Select(g => g.Id).ToArray();
                groupManager.SetUserGroups(user.Id, groupIds);

                // No save call is visible in this method; presumably the caller persists _context.
                foreach (var country in CountryAdd)
                {
                    var alreadyLinked = user.Countries.Any(c => c.Id == country.Id);
                    if (!alreadyLinked)
                    {
                        user.Countries.Add(country);
                    }
                }
            }
        }
Пример #7
        //add application specific Claims to user's identity
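        /// <summary>
        /// Builds a <see cref="ClaimsPrincipal"/> for <paramref name="userName"/> from the
        /// user's Active Directory authorization groups plus the application's own groups,
        /// claims and row filters stored in the database.
        /// </summary>
        /// <param name="userName">
        /// Identity to look up in the domain. It is also used verbatim as the value of the
        /// Email and Name claims.
        /// </param>
        /// <returns>A principal whose single identity has authentication type "Negotiate".</returns>
        /// <remarks>
        /// The identity is always created with a non-empty authentication type, so it reports
        /// <c>IsAuthenticated == true</c> even when no directory principal matched. This method
        /// does not authenticate anyone; callers must pass only a user name that has already
        /// been authenticated.
        /// </remarks>
        private static ClaimsPrincipal AddCustomClaimsToPrincipal(String userName)
        {
            // The directory context, the user principal and the group search result all hold
            // directory resources; the original never released them. `using` tolerates the
            // null that FindByIdentity returns when nothing matches.
            using (var princiContxt = new PrincipalContext(ContextType.Domain))
            using (var thePrincipal = UserPrincipal.FindByIdentity(princiContxt, userName))
            {
                var customClaims = new List<System.Security.Claims.Claim> {
                    new System.Security.Claims.Claim(ClaimTypes.Email, userName),
                    new System.Security.Claims.Claim(ClaimTypes.Name, userName)
                };

                // NOTE(review): one hard-coded user name receives the "Group"="SuperAdmin"
                // claim regardless of directory or database state. A grant that lives in
                // source cannot be audited or revoked without a deployment; prefer managed
                // group membership. The earlier "is it already present" lookup was removed:
                // at this point the list holds only the two claims above, whose value is
                // userName, so the lookup could never find anything.
                if (userName == "*****@*****.**")
                {
                    customClaims.Add(new System.Security.Claims.Claim("Group", "SuperAdmin"));
                }

                if (thePrincipal != null)
                {
                    // NOTE(review): the WindowsAccountName claim is only emitted when Surname
                    // is set; kept as in the original, confirm that coupling is intended.
                    if (thePrincipal.Surname != null)
                    {
                        customClaims.Add(new System.Security.Claims.Claim(ClaimTypes.WindowsAccountName, thePrincipal.SamAccountName));
                        customClaims.Add(new System.Security.Claims.Claim(ClaimTypes.Surname, thePrincipal.Surname));
                    }

                    // One AD_Group claim per authorization group. The groups are walked by
                    // hand so that a single unreadable entry does not abort the sign-in
                    // (the original notes an unexplained error on one server when the whole
                    // set was projected in one expression).
                    using (PrincipalSearchResult<Principal> adGroup = thePrincipal.GetAuthorizationGroups())
                    using (var iterGroup = adGroup.GetEnumerator())
                    {
                        while (iterGroup.MoveNext())
                        {
                            try
                            {
                                var p = iterGroup.Current;
                                if (string.IsNullOrEmpty(p.Name))
                                {
                                    continue;
                                }
                                customClaims.Add(new System.Security.Claims.Claim("AD_Group", p.Name));
                            }
                            catch (Exception ex)
                            {
                                // Still best-effort, but no longer silent: the principal is
                                // now missing an AD_Group claim. Whether that fails closed
                                // depends on whether consumers use these claims to allow or
                                // to restrict, so the skip must be visible to operators.
                                System.Diagnostics.Trace.TraceWarning(
                                    "AddCustomClaimsToPrincipal: skipped an authorization group that could not be read ({0}: {1})",
                                    ex.GetType().Name, ex.Message);
                                continue;
                            }
                        }
                    }

                    // Application-level claims read from the database.
                    // NOTE(review): db is never disposed here; if ApplicationDbContext is
                    // IDisposable it should be wrapped in `using` - confirm against its
                    // declaration.
                    var db        = new ApplicationDbContext();
                    var userStore = new ApplicationUserStore(db);

                    // NOTE(review): the application user is matched by comparing its Email
                    // with the directory UserPrincipalName. Those two attributes are not
                    // guaranteed to be equal or unique; verify the mapping cannot resolve to
                    // a different person's application account.
                    var user = userStore.Users.FirstOrDefault(u => u.Email == thePrincipal.UserPrincipalName);

                    if (user != null)
                    {
                        customClaims.Add(new System.Security.Claims.Claim("UserId", user.Id.ToString()));
                        var claims     = user.ApplicationClaims;
                        var groups     = user.ApplicationGroups;
                        var rowFilters = user.ApplicationPrincipalRowFilters.Where(x => x.PrincipalType == "U");

                        var groupStore     = new ApplicationGroupStore(db);
                        var claimStore     = new ApplicationClaimStore(db);
                        var rowFilterStore = new RowFilterStore(db);

                        // Resolve the user's groups once; the original ran the same lookup
                        // twice (once for the Group claims, once for the per-group pass).
                        var resolvedGroups = groups.Select(group => groupStore.FindById(group.ApplicationGroupId)).ToList();

                        customClaims.AddRange(resolvedGroups.Select(g =>
                            new System.Security.Claims.Claim("Group", g.Name)));

                        // Claim type and value come straight from database rows, so whoever
                        // can write those rows can mint any claim type, including "Group".
                        customClaims.AddRange(claims.Select(claim => claimStore.FindById(claim.ApplicationClaimId)).Select(c =>
                            new System.Security.Claims.Claim(c.Key, c.Value)));

                        customClaims.AddRange(rowFilters.Select(r => rowFilterStore.FindById(r.Id)).Select(c =>
                            new System.Security.Claims.Claim(c.ApplicationRowFilterType.Name, c.RowFilterValue.ToString())));

                        // Parameterless constructor: resolves its dependencies elsewhere
                        // rather than from db above.
                        var appgroupManager = new ApplicationGroupManager();
                        foreach (var item in resolvedGroups)
                        {
                            // Row filters attached to the group itself (principal type "G").
                            var groupRowFilters = item.ApplicationPrincipalRowFilters.Where(x => x.PrincipalType == "G");
                            customClaims.AddRange(groupRowFilters.Select(r => rowFilterStore.FindById(r.Id)).Select(c =>
                                new System.Security.Claims.Claim(c.ApplicationRowFilterType.Name, c.RowFilterValue.ToString())));

                            // Group claims are de-duplicated on (type, value).
                            foreach (var appclaim in appgroupManager.GetGroupClaims(item.Id))
                            {
                                var claim = new System.Security.Claims.Claim(appclaim.Key, appclaim.Value);
                                if (!customClaims.Exists(c => c.Value == claim.Value && c.Type == claim.Type))
                                {
                                    customClaims.Add(claim);
                                }
                            }
                        }
                    }
                }

                //https://msdn.microsoft.com/en-us/library/system.security.claims.authenticationtypes(v=vs.110).aspx
                var theCustomClaimsIdentity = new ClaimsIdentity(customClaims, authenticationType: "Negotiate");//Negotiate | Signing | Sealing

                return new ClaimsPrincipal(theCustomClaimsIdentity);
            }
        }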
Пример #8
 /// <summary>
 /// Creates the group store from the "InventoryConnection" name and takes the user and
 /// role managers from the OWIN context of the request being served.
 /// </summary>
 /// <remarks>
 /// Reads <c>HttpContext.Current</c>, so it needs an active HTTP request.
 /// NOTE(review): the store is built from a connection name while both managers come
 /// from the request context; confirm all three work against the same database.
 /// </remarks>
 public ApplicationGroupManager()
 {
     _groupStore = new ApplicationGroupStore("InventoryConnection");

     // Both managers are registered per request; resolve the OWIN context once.
     var owin = HttpContext.Current.GetOwinContext();
     _userManager = owin.GetUserManager<ApplicationUserManager>();
     _roleManager = owin.Get<ApplicationRoleManager>();
 }